Splunk Review

Correlates logs throughout the enterprise for searching and use in investigations


What is our primary use case?

We primarily use it to correlate logs throughout the enterprise for both searching and use in investigations.

How has it helped my organization?

We previously did not have a good centralized solution which could ingest just about any log type, which has been a plus.

What is most valuable?

The search application has been the most useful. We have also liked the reporting features and dashboard capabilities.

What needs improvement?

The Enterprise Security app could be improved. We have had trouble with it working from the first day.  

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Yes, there have been issues with the Enterprise Security application instance.  

What do I think about the scalability of the solution?

No issues.

How is customer service and technical support?

It has been a weak point, but has improved over the years. It can be tough to get a hold of somebody depending on the complexity of the issue.  

Which solutions did we use previously?

Years ago, we did use another solution, but I am not sure it exists any longer. We have been using Splunk for many years.  

How was the initial setup?

We had professional services set it up, as it was quite complex.  

What about the implementation team?

Vendor implementation, and I would rate them as a seven out of 10.  

What was our ROI?

Excellent overall. 

What's my experience with pricing, setup cost, and licensing?

It can be expensive, especially the licensing costs. However, there is added value in what it can do, not just log aggregation.  

Which other solutions did I evaluate?

We evaluated Trustwave and QRadar.

What other advice do I have?

It is a great product overall. I would like to see improvements on the Enterprise Security app/SIEM functionality.  

Disclosure: I am a real user, and this review is based on my own experience and opinions.